refactor: Improve attribute sanitization in Server model
andrasbacsai committed Sep 20, 2024
1 parent be42f15 commit eb9bbf3
Showing 2 changed files with 44 additions and 20 deletions.
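--- a/app/Models/Server.php
+++ b/app/Models/Server.php
@@ -884,6 +884,35 @@ public function services()
 return $this->hasMany(Service::class);
 }
 
+public function port(): Attribute
+{
+return Attribute::make(
+get: function ($value) {
+return preg_replace('/[^0-9]/', '', $value);
+}
+);
+}
+
+public function user(): Attribute
+{
+return Attribute::make(
+get: function ($value) {
+$sanitizedValue = preg_replace('/[^A-Za-z0-9\-_]/', '', $value);
+
+return $sanitizedValue;
+}
+);
+}
+
+public function ip(): Attribute
+{
+return Attribute::make(
+get: function ($value) {
+return preg_replace('/[^0-9a-zA-Z.-]/', '', $value);
+}
+);
+}
+
 public function getIp(): Attribute
 {
 return Attribute::make(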
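Review bot: The `port()`, `user()` and `ip()` accessors added here strip disallowed characters on read instead of rejecting bad input on write, so a malformed stored value is silently turned into a different port, user or host rather than refused, and the raw column stays unsanitized for any code that bypasses the accessor. In `ip()` the class `[^0-9a-zA-Z.-]` also removes `:`, which mangles IPv6 literals, and both `user()` and `ip()` still accept a leading `-`, which matters if these values end up on an ssh command line (not visible in this hunk). I would validate in a `set:` mutator and throw on failure, as sketched for `ip()` below; `port()` can use `FILTER_VALIDATE_INT` with a 1–65535 range and `user()` an anchored pattern that requires a leading letter or underscore. Rows already stored would need a one-off check before the read-side stripping is dropped.

```php
public function ip(): Attribute
{
    return Attribute::make(
        // Reject on write instead of rewriting on read; accepts IPv4/IPv6 literals and hostnames.
        set: function ($value) {
            $candidate = trim((string) $value);
            $isIp = filter_var($candidate, FILTER_VALIDATE_IP) !== false;
            $isHost = filter_var($candidate, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) !== false;
            if (! $isIp && ! $isHost) {
                throw new \InvalidArgumentException('Server address must be an IP address or a hostname.');
            }

            return $candidate;
        }
    );
}
```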
35 changes: 15 additions & 20 deletions resources/views/livewire/server/form.blade.php
@@ -3,15 +3,10 @@
<div class="flex gap-2">
<h2>General</h2>
@if ($server->id === 0)
<x-modal-confirmation
title="Confirm Server Settings Change?"
buttonTitle="Save"
submitAction="submit"
:actions="['You could lose a lot of functionalities if you change the server details of the server where Coolify is running on.']"
:confirmWithText="false"
:confirmWithPassword="false"
step2ButtonText="Save Server Settings"
/>
<x-modal-confirmation title="Confirm Server Settings Change?" buttonTitle="Save" submitAction="submit"
:actions="[
'You could lose a lot of functionalities if you change the server details of the server where Coolify is running on.',
]" :confirmWithText="false" :confirmWithPassword="false" step2ButtonText="Save" />
@else
<x-forms.button type="submit">Save</x-forms.button>
@if ($server->isFunctional())
@@ -39,7 +34,7 @@
<livewire:server.validate-and-install :server="$server" />
</x-slot:content>
<x-forms.button @click="slideOverOpen=true"
class="w-full mt-8 mb-4 font-bold box-without-bg bg-coollabs hover:bg-coollabs-100"
class="mt-8 mb-4 w-full font-bold box-without-bg bg-coollabs hover:bg-coollabs-100"
wire:click.prevent='validateServer' isHighlighted>
Validate Server & Install Docker Engine
</x-forms.button>
@@ -62,7 +57,7 @@ class="w-full mt-8 mb-4 font-bold box-without-bg bg-coollabs hover:bg-coollabs-1
number of servers for which you have paid.</div>
@endif
<div class="flex flex-col gap-2 pt-4">
<div class="flex flex-col w-full gap-2 lg:flex-row">
<div class="flex flex-col gap-2 w-full lg:flex-row">
<x-forms.input id="server.name" label="Name" required />
<x-forms.input id="server.description" label="Description" />
@if (!$server->settings->is_swarm_worker && !$server->settings->is_build_server)
@@ -71,7 +66,7 @@ class="w-full mt-8 mb-4 font-bold box-without-bg bg-coollabs hover:bg-coollabs-1
@endif

</div>
<div class="flex flex-col w-full gap-2 lg:flex-row">
<div class="flex flex-col gap-2 w-full lg:flex-row">
<x-forms.input type="password" id="server.ip" label="IP Address/Domain"
helper="An IP Address (127.0.0.1) or domain (example.com)." required />
<div class="flex gap-2">
@@ -98,24 +93,24 @@ class="w-full mt-8 mb-4 font-bold box-without-bg bg-coollabs hover:bg-coollabs-1
<x-helper class="ml-2" helper="Server's timezone. This is used for backups, cron jobs, etc." />
</div>
<div class="relative">
<div class="inline-flex items-center relative w-64">
<div class="inline-flex relative items-center w-64">
<input wire:dirty.class.remove='dark:focus:ring-coolgray-300 dark:ring-coolgray-300'
wire:dirty.class="dark:focus:ring-warning dark:ring-warning" x-model="search"
@focus="open = true" @click.away="open = false" @input="open = true" class="w-full input "
@focus="open = true" @click.away="open = false" @input="open = true" class="w-full input"
:placeholder="placeholder" wire:model.debounce.300ms="server.settings.server_timezone">
<svg class="absolute right-0 w-4 h-4 mr-2" xmlns="http://www.w3.org/2000/svg" fill="none"
<svg class="absolute right-0 mr-2 w-4 h-4" xmlns="http://www.w3.org/2000/svg" fill="none"
viewBox="0 0 24 24" stroke-width="1.5" stroke="currentColor" @click="open = true">
<path stroke-linecap="round" stroke-linejoin="round"
d="M8.25 15L12 18.75 15.75 15m-7.5-6L12 5.25 15.75 9" />
</svg>
</div>
<div x-show="open"
class="absolute z-50 w-64 mt-1 bg-white dark:bg-coolgray-100 border dark:border-coolgray-200 rounded-md shadow-lg max-h-60 overflow-auto scrollbar overflow-x-hidden">
class="overflow-auto overflow-x-hidden absolute z-50 mt-1 w-64 max-h-60 bg-white rounded-md border shadow-lg dark:bg-coolgray-100 dark:border-coolgray-200 scrollbar">
<template
x-for="timezone in timezones.filter(tz => tz.toLowerCase().includes(search.toLowerCase()))"
:key="timezone">
<div @click="search = timezone; open = false; $wire.set('server.settings.server_timezone', timezone)"
class="px-4 py-2 cursor-pointer hover:bg-gray-100 dark:hover:bg-coolgray-300 text-gray-800 dark:text-gray-200"
class="px-4 py-2 text-gray-800 cursor-pointer hover:bg-gray-100 dark:hover:bg-coolgray-300 dark:text-gray-200"
x-text="timezone"></div>
</template>
</div>
@@ -126,7 +121,7 @@ class="px-4 py-2 cursor-pointer hover:bg-gray-100 dark:hover:bg-coolgray-300 tex
@if (!$server->isLocalhost())
<x-forms.checkbox instantSave id="server.settings.is_build_server"
label="Use it as a build server?" />
<div class="flex items-center gap-1 pt-6">
<div class="flex gap-1 items-center pt-6">
<h3 class="">Cloudflare Tunnels
</h3>
<x-helper class="inline-flex"
@@ -168,7 +163,7 @@ class="px-4 py-2 cursor-pointer hover:bg-gray-100 dark:hover:bg-coolgray-300 tex
@endif
@endif
@else
<div class="flex items-center gap-1 pt-6">
<div class="flex gap-1 items-center pt-6">
<h3 class="">Cloudflare Tunnels
</h3>
<x-helper class="inline-flex"
@@ -213,7 +208,7 @@ class="px-4 py-2 cursor-pointer hover:bg-gray-100 dark:hover:bg-coolgray-300 tex
helper="You can define the maximum duration for a deployment to run before timing it out." />
</div>
</div>
<div class="flex items-center gap-2 pt-4 pb-2">
<div class="flex gap-2 items-center pt-4 pb-2">
<h3>Sentinel</h3>
{{-- @if ($server->isSentinelEnabled()) --}}
{{-- <x-forms.button wire:click='restartSentinel'>Restart</x-forms.button> --}}